The LuxSci FYI Blog

by Erik Kangas, PhD, CEO

Kick Your Privacy Up a Notch with Tor

Published: May 8th, 2017

Online privacy is becoming more important as our lives increasingly migrate to the internet. With government surveillance intensifying, you may have come across the term Tor as a way to protect yourself. So what exactly is it?

The Onion Router (TOR), is an open source project that aims to provide anonymous communication for its users. The underlying technology was initially developed by the United States Naval Research Laboratory in the nineties as a way to protect communications within the intelligence community. Tor has since moved over to the open source community, supported by a range of volunteers, privacy advocacy groups, various US government departments and others.

Tor allows web browsing, messaging and chat, as well as access to .onion websites, which are a secretive side of the internet. Unfortunately, Tor cannot give a user complete anonymity, particularly from government level surveillance. This is because these entities have the capability to correlate the traffic that goes into Tor with the traffic that exits. Despite this, it is still a useful tool that can help to enhance privacy in a range of use cases.

How Does Tor Work?

Tor helps to anonymize its users by combining encryption with a relay of nodes that help to hide a user’s path. When traffic travels over Tor, the packets are encrypted in layers. This is where the project gets its onion moniker from. The traffic is sent through three random relays, with each layer only having information for the next destination. Because of this, the IP address of the origin and destination are never visible in the same layer, making it extremely difficult to correlate who is responsible for what traffic. This gives users a high level of privacy.

When traffic is spied on, the origin is disguised and it instead looks as though the previous node was the sender. Despite this, the Tor network still has its weaknesses. It cannot stop anyone from monitoring the entry and exit nodes of the network, meaning that there are vulnerabilities at these points. Although it can protect against traffic analysis, it cannot stop authorities from end-to-end correlation, which can lead to internet activity being linked back to the user.

Users need to be careful with how they use Tor, because it is not some magic pill that gives you immediate invisibility from the authorities. If you reveal personal details over the Tor network, these can still be traced back to you.

There are also a number of plugins and scripts that can leak your IP address, such as Javascript and Flash. Because of this, it is recommended that most new users start with the Tor browser. Another downside of Tor is that the encryption and relaying of traffic significantly slows down internet speeds.

What Is a Darknet?

While darknets might sound evil, the reality is that they are just networks that can only be accessed under authorization or with specialized software. Darknets are difficult for authorities to control, which has led to them becoming a haven for crime as well as online places that protect dissidents, privacy advocates and others.

What Are Onion Websites?

Onion websites (.onion) are the most commonly used part of darknets. They are hidden services that can’t be accessed through the regular internet because they do not have actual DNS names. The only way that they can be visited is by sending a request through the Tor network. The addresses are normally hashes made up of a mix of 16 numbers and letters.

Tor sites are difficult for authorities to trace, so they can provide protection for both the host and those who are accessing them. While there are many legitimate reasons to use Tor, the anonymous nature of hidden services has also led to them hosting a range of illegal activity, including darknet marketplaces, restricted pornography and other forms of crime.

Will Using Tor Make You an NSA Target?

While Tor is an important tool, the anonymity it grants its users has led to it also serving as a hub for crime. Many people assumed that this would make it a natural target for the authorities, and it was confirmed by documents leaked by Edward Snowden in 2014. XKeyscore revealed that even searching the internet for tools such as Tor can get you marked for special attention from the NSA.

This doesn’t mean that you should avoid using Tor, however it does mean that you should be aware of your risk profile, as well as the weaknesses within the Tor system. If you are engaging in a high risk activity, you should look at engaging other tools as well to help improve your anonymity.

Will Using Tor Get You Infected with Malware?

The Tor browser is based on Firefox. Although there are some modifications, many of the exploits that affect Firefox will also work against Tor. As far as Tor specific attacks are concerned, the FBI has been known to exploit vulnerabilities to track access to certain .onion websites.

Is Tor Just for Criminals?

While Tor may get a bad reputation from its association with the Silk Road and other illegal activities, it is unfair to think of it solely from a negative perspective. Tor is simply a tool that can be used in a number of ways, some good and some bad.

The more legitimate uses for Tor include journalism and activism, particularly for those living underneath authoritarian regimes. Whistleblowers have also been known to use the service, as well as ordinary citizens who have concerns about their privacy and traffic analysis. Victims of abuse also use the service to link up with support networks, while law enforcement agencies use it to track websites without letting their presence known.

Can You Combine Tor with a VPN?

You can combine the technologies in two different ways. The first is to use Tor through your VPN. This hides your use of Tor from your ISP and anyone else that may be snooping in. This can be good if you don’t want to raise suspicions by using Tor. Despite this, if your VPN keeps logs, then it is possible for the traffic to be correlated with your IP address. This method also leaves you vulnerable to malicious exit nodes. This is because the traffic leaving the VPN is unencrypted as it enters the Tor network.

The other option is more complicated, however it can protect your traffic from malicious exit nodes. It involves encrypting your traffic with your VPN, sending it through the Tor network, then decrypting it through your VPN before it reaches your destination. Because of this, a malicious exit node will only be able to see encrypted traffic, which helps to protect your anonymity.

Can You Combine Tor with TLS?

Using TLS for normal web browsing over Tor can help to protect you from malicious exit nodes. If the website you are visiting doesn’t have encryption, your data can be exposed between the Tor exit node and the destination server. To prevent yourself from being monitored when you exit the Tor network, make sure that you are only using HTTPS websites.

When it comes to using Tor’s hidden services, TLS is unnecessary. This is because Tor already has end-to-end encryption. If the site owner purchased a certificate to prove the authenticity of the site, this would make it much easier for the authorities to discover it.

Can You Use Tor to Give You Better Privacy on Regular Websites?

Tor is great for enhancing your privacy for regular browsing. It can prevent traffic analysis as well as advertisers gathering data on your activity. Anyone using Tor still needs to be sensible and understand the limitations of the technology as well as how to use it safely. When used properly, low-level users can consider themselves essentially anonymous. Those who are engaging in high risk activities need to be much more aware of the potential points of failure.

Tor vs VPNs

VPNs are another common privacy tool that are getting more attention these days. A VPN encrypts your traffic from the client to the VPN server, meaning that your ISP and others can’t listen in. Unfortunately, the VPN provider themselves may log your data, which could result in you being discovered by the authorities if they are subpoenaed.

Tor works in quite a different manner. The data is encrypted and randomly relayed through the nodes, making it difficult for the authorities to determine the origin of the traffic. The key vulnerability is the exit node, but combining a VPN with Tor can help to alleviate this.

Should You Use Tor?

Tor is an excellent software project that is great for enhancing your privacy online. There are a wide range of use cases where it can essentially keep you anonymous. The most important thing is to understand the limitations of the technology as well as how to use it properly. If you plan on doing anything high risk, you should ensure that you are well versed in how privacy tools work, otherwise you may find the authorities knocking on your door.